Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Access a Vpc's Internet Gateway #5327

Closed
2 tasks
jeanblanchard opened this issue Dec 6, 2019 · 8 comments · Fixed by #7939
Closed
2 tasks

Access a Vpc's Internet Gateway #5327

jeanblanchard opened this issue Dec 6, 2019 · 8 comments · Fixed by #7939
Assignees
@rix0rrr
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. in-progress This issue is being actively worked on.

Comments

@jeanblanchard
Copy link

Add an accessor to the Internet Gateway that was created by the Vpc construct.

Use Case

Trying to add a PublicSubnet to an existing Vpc (with existing public subnets), there is no way to create a route to the Vpc's existing Internet Gateway, because the reference is not exposed anywhere (that I could find), so the PublicSubnet is not effectively public.

Proposed Solution

  • Either add an accessor to a VPC's internet gateway, if any
  • Or have the PublicSubnet constructor automagically create the route from the VPC it's a part of.

(Or, ideally, both)

Other

I'd take a workaround within CDK, that allows this without creating (and paying for) a second IGW...

  • 👋 I may be able to implement this feature request
  • ⚠️ This feature might incur a breaking change

This is a 🚀 Feature Request
@jeanblanchard jeanblanchard added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Dec 6, 2019
@jeanblanchard jeanblanchard changed the title Access a Vpc's Internet Gateway Access a Vpc's Internet Gateway Dec 6, 2019
@jeanblanchard
Copy link
Author

Update - I found my workaround, using an escape hatch to get the "IGW" child resource in the Vpc construct:

    const igw = vpc.node.findChild('IGW') as CfnInternetGateway;
    new CfnRoute(this, 'IGW', {
      routeTableId: subnet.routeTable.routeTableId,
      destinationCidrBlock: '0.0.0.0/0',
      gatewayId: igw.ref,
    });

@SomayaB SomayaB self-assigned this Dec 9, 2019
@SomayaB
Copy link
Contributor

SomayaB commented Dec 20, 2019

Glad you could figure it out! :) Closing this issue. Feel free to reopen.

@SomayaB SomayaB closed this as completed Dec 20, 2019
@shearn89
Copy link
Contributor

Having a stab at this, hope to have a PR out soon.

@shearn89 shearn89 mentioned this issue May 12, 2020
Merged
@SomayaB SomayaB reopened this May 15, 2020
@SomayaB SomayaB added in-progress This issue is being actively worked on. @aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud and removed needs-triage This issue or PR still needs to be triaged. package/vpc labels May 15, 2020
@SomayaB SomayaB assigned rix0rrr and unassigned SomayaB May 27, 2020
@rix0rrr rix0rrr added the effort/medium Medium work item – several days of effort label May 27, 2020
@mergify mergify bot closed this as completed in #7939 Jul 19, 2020
mergify bot pushed a commit that referenced this issue Jul 19, 2020
@shearn89
feat(ec2): access a vpc's internet gateway (#7939)
cb5dad8 
This commit introduces a new `internetGateway` attribute to the VPC
construct to allow for creative routing using the default IGW added
with when using a public subnet.

Resolves #5327

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Chriscbr pushed a commit to Chriscbr/aws-cdk that referenced this issue Jul 23, 2020
@shearn89 @Chriscbr
feat(ec2): access a vpc's internet gateway (aws#7939)
660b9eb 
This commit introduces a new `internetGateway` attribute to the VPC
construct to allow for creative routing using the default IGW added
with when using a public subnet.

Resolves aws#5327

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
curtiseppel pushed a commit to curtiseppel/aws-cdk that referenced this issue Aug 11, 2020
@shearn89
feat(ec2): access a vpc's internet gateway (aws#7939)
af88f8f 
This commit introduces a new `internetGateway` attribute to the VPC
construct to allow for creative routing using the default IGW added
with when using a public subnet.

Resolves aws#5327

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@deepu-james
Copy link 

const igw = vpc.node.findChild('IGW') as CfnInternetGateway;

@jeanblanchard This is not working now.
const igw = existingDefaultVPC.node.findChild('IGW') as ec2.CfnInternetGateway; throws an error message "No child with id: 'IGW' at Node.findChild"
Is there a different way to get the internet gateway id from an imported VPC?

@daverickdunn
Copy link

Don't know if this is a regression, or if it was never fixed, but this still doesn't work in 1.134.0 and it previously didn't work in 1.117.0. The internetGatewayId field of Vpc is undefined when using Vpc.fromLookup. Same applies for the proposed workaround above.

@shearn89
Copy link
Contributor

Hi @daverickdunn - unless it was added since I did the work on this then the PR never supported getting the IGW ID from an imported VPC, as stated in the README: I just didn't have the time to add it in since that wasn't my use case!

Still, I'm curious why the escape hatch isn't working, unless the child name has changed. I'll see if I can dig through and find out.

@daverickdunn
Copy link

@shearn89 Yep, my apologies, I should probably open a new issue for this. FWIW, I did a quick console.log of the imported node and it's children and there was nothing resembling an IGW.

@shearn89
Copy link
Contributor

It looks like the VPC Context Provider in cx-api isn't actually returning the internet gateway, if I'm reading it correctly...

@jordan-brough jordan-brough mentioned this issue Feb 22, 2022
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rix0rrr rix0rrr

Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. in-progress This issue is being actively worked on.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(ec2): access a vpc's internet gateway
6 participants
@shearn89 @rix0rrr @jeanblanchard @daverickdunn @SomayaB @deepu-james